CVE-2022-43569 Persistent Cross-Site Scripting via a Data Model object name in Splunk Enterprise

🗓️ 04 Nov 2022 22:22:31Reported by SplunkType

Persistent Cross-Site Scripting in Splunk Enterprise version

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2022-43569	30 Apr 202520:14	–	circl
CNNVD	Splunk 跨站脚本漏洞	2 Nov 202200:00	–	cnnvd
CVE	CVE-2022-43569	4 Nov 202222:22	–	cve
EUVD	EUVD-2022-46565	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Splunk Enterprise	3 Nov 202200:00	–	ncsc
NVD	CVE-2022-43569	4 Nov 202223:15	–	nvd
Prion	Cross site scripting	4 Nov 202223:15	–	prion
Positive Technologies	PT-2022-26972 · Splunk · Splunk Enterprise	4 Nov 202200:00	–	ptsecurity
Tenable Nessus	Splunk Enterprise 8.1 < 8.1.12, 8.2.0 < 8.2.9, 9.0.0 < 9.0.2 (SVD-2022-1109)	3 Nov 202200:00	–	nessus
Vulnrichment	CVE-2022-43569 Persistent Cross-Site Scripting via a Data Model object name in Splunk Enterprise	4 Nov 202222:22	–	vulnrichment

[
  {
    "defaultStatus": "affected",
    "product": "Splunk Enterprise",
    "vendor": "Splunk",
    "versions": [
      {
        "lessThan": "8.1.12",
        "status": "affected",
        "version": "8.1",
        "versionType": "custom"
      },
      {
        "lessThan": "8.2.9",
        "status": "affected",
        "version": "8.2",
        "versionType": "custom"
      },
      {
        "lessThan": "9.0.2",
        "status": "affected",
        "version": "9.0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
splunk	www.splunk.com/en_us/product-security/announcements/svd-2022-1109.html
research	www.research.splunk.com/application/062bff76-5f9c-496e-a386-cb1adcf69871/

04 Nov 2022 22:22Current

7.3High risk

Vulners AI Score7.3

CVSS 3.18

EPSS0.00812

CWE-79